• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2310
  • Last Modified:

How to get mountd to pass through checkpoint firewall

Hi All,

would someone be able to tell me how do I get NFS ports (particularly mountd) to pass through a Checkpoint R70 firewall? They are being blocked by Implied rules.

Ideally I'd like to be able to do this without changing the order in which the implied rules are applied to my rule base but if thats the only way then I'd like to find out what the repercussions could be on the rest of my rules.

Many thanks!
0
yellowteam
Asked:
yellowteam
  • 2
  • 2
1 Solution
 
arnoldCommented:
You should configure a VPN (remote) connection and access the NFS over the VPN.

Opening ports for NFS:
http://forums.freebsd.org/showthread.php?t=5123

There are different options depending on which NFS mode you use nfs3, or 4.
0
 
yellowteamAuthor Commented:
Hi there, sorry I should have mentioned that this is between two internal networks that are seperated by this firewall
0
 
arnoldCommented:
You would then need to setup a set of rules on the firewall to allow the  UDP/TCP traffic between the interface segments outlined in the link from the earlier post.

sunrpc            111/tcp         rpcbind      #SUN Remote Procedure Call
sunrpc            111/udp         rpcbind      #SUN Remote Procedure Call
nfsd-status      1110/tcp   #Cluster status info
nfsd-keepalive      1110/udp   #Client status info
nfsd            2049/tcp   nfs            # NFS server daemon
nfsd            2049/udp   nfs            # NFS server daemon
lockd            4045/udp   # NFS lock daemon/manager
lockd            4045/tcp

0
 
yellowteamAuthor Commented:
Hi There
Thanks for that, I've now gotten it working
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now